
Hello, I'm new to Zentyal and Windows AD, and I've just installed Zentyal 6.0 as a standalone Domain Controller (hostname master, domain insieme.lan) with roaming profiles enabled.

I successfully joined a Windows 10 VM to the domain (INSIEME) and created a new domain user (alex) with a roaming profile (\\master.INSIEME.LAN\profiles\alex), and I have the same problem: GPOs are not applied on user logon.

I followed your suggestion and created the above registry keys, but it did not help.

Moreover, after I modified the default domain policy (I set password expiration to 42 days) and rebooted the W10 client, the roaming profile stopped working: on logon Windows now complains about a problem with the mobile profile and uses a saved local profile.

The event viewer says that the User profile service is unable to access the server copy of the mobile profile, but the profile dirs (/home/samba/profiles/alex and /home/samba/profiles/alex.V6) are still there (they were created by Windows on first logon), and I can access the profile paths \\master.INSIEME.LAN\profiles\alex and \\master.INSIEME.LAN\profiles\alex.V6 using Explorer when logged in as user 'alex', so I cannot understand why Windows cannot find the profile.

Active Directory Domain Services Replication encountered the existence of objects in the following partition that have been deleted from the local domain controllers (DCs) Active Directory Domain Services database. Not all direct or transitive replication partners replicated in the deletion before the tombstone lifetime number of days passed. Objects that have been deleted and garbage collected from an Active Directory Domain Services partition but still exist in the writable partitions of other DCs in the same domain, or read-only partitions of global catalog servers in other domains in the forest are known as "lingering objects".

Source domain controller: 4e851e84-f1a2-4f88-a252-ce2fc2dc40f5._msdcs.company.com <--- this is the Zentyal DC-

Object: DC=122\0ADEL:e6508b9b-c06f-420f-b2a0-87ebff728ee5,CN=Deleted Objects,DC=ForestDnsZones,DC=company,DC=com Object GUID: e6508b9b-c06f-420f-b2a0-87ebff728ee5 This event is being logged because the source DC contains a lingering object which does not exist on the local DCs Active Directory Domain Services database. This replication attempt has been blocked.

Could you explain your system topology to me extensively (a detailed graphic would be appreciated) and the problem one more time? I'm re-reading the topic and I fear I haven't understood your issue correctly.

Really, keeping a process reading the DHCP leases in order to execute a script based on samba-tool doesn't seem to me the best of the fixes. (Besides, Zentyal webadmin doesn't reflect these DNS records created by samba-tool.) However, the more I think about it, the more I'm convinced that you should search for the solution in the Ebox API. (Obviously this task is indistinguishable from fixing the Zentyal dynamic DNS bug.) O_o

In relation to the possibility of using another DNS server, be aware that the Zentyal Domain Controller has to be the DNS server (Samba4 manages the DNS server itself), so you don't have to install another DNS server (it solves anything). You simply have to configure DDNS on the BIND9 of the Zentyal Samba4 implementation and the Zentyal DHCP without breaking them (nor Zentyal). Remember that you have to modify the needed parameters in the Zentyal stubs (read this: https://doc.zentyal.org/es/appendix-c.html#stubs).

I would like to try this this weekend. I'll tell you about it! Cheers!

topology

I just want users from wireless to be able to join the domain. Hence, from your statement, by default if we configure Zentyal as domain controller it must include DNS in Zentyal itself..?

But the DHCP server from Zentyal is too simple; if we have multiple IP addresses with multiple classes, it can be done using multiple NICs, is that correct...?
